WHO Reports a Greater Number of Cyberattacks on its Personnel

The World Health Organization (WHO) is a well-known organization that is fighting COVID-19. Cybercriminals and hacktivists have escalated attacks on WHO as it addresses the COVID-19 pandemic. WHO receives five times more attacks now as opposed to the same period last year.

A month ago, WHO stated that hackers had attempted to get access to its system along with those of its associates through spoofing an internal email system of WHO, and from then on the attacks have continued. A week ago, SITE Intelligence Group uncovered the credentials of many persons associated with the struggle against COVID-19 that were exposed on the internet on Pastebin, Twitter, 4chan, and Telegram. About 25,000 email and password combinations were exposed, this includes close to 2,700 credentials of WHO workers. WHO stated the information was taken from a previous extranet system and many of the credentials were not valid any longer, however, 457 were recent and still active.

As a reaction to the state of affairs, WHO carried out a password reset to make certain that the credentials won’t be usable, toughened internal security, enforced a safer authentication system, and enhanced the workers’ security awareness training.

The rest of the dumped credentials originated from agencies, for example, the Centers for Disease Control and Prevention, the National Institute of Health and the Gates Foundation. It’s not clear where the information originated from or who revealed it on the web, however, the credentials were employed for the right groups to attack institutions creating vaccines and doing other activities linked to COVID-19.

WHO CIO, Bernardo Mariano, stated that making certain that the protection of health details for member states and the privacy of end-users communicating with us is WHO’s main concern all the time, but also specifically at the time of the COVID-19 pandemic.

Mariano furthermore stated that persistent phishing campaigns are executed that spoof WHO to deceive persons into donating to a fake account such as the COVID-19 Solidarity Response Fund that’s under the care of WHO and the United Nations. Nation-state hacking gangs also perform campaigns that spoof WHO to deceive persons into installing malware that’s employed for spying.

COVID-19 and coronavirus inspired malicious attacks have increased during the last few weeks. Information issued by cybersecurity agency Zscaler states that COVID-inspired attacks went up by 30,000% in March with approximately 380,000 COVID-19 themed attacks attempted in comparison to January’s 1,200 or February’s 10,000.

COVID-19-inspired phishing attacks on remote business users went up by 85%. Threats aimed at business clients are higher by 17%. In March, the company stopped 25% more malicious web pages and malware samples. The company additionally discovered 130,000 suspicious or malicious newly enlisted domains that employed words including Wuhan, mask, test, and kit.

A large number of attacks succeed. Stats from the FTC show approximately $19 million were spent on COVID-19 linked scams as of January 2020, and $7 million was spent during the last 10 days. Google revealed figures early this month that in just one week it stopped 18 million COVID-19 phishing attacks. Although the number of COVID-19 inspired attacks has grown greatly, on the whole, the number of attacks has been kept fairly consistent. Microsoft data mentioned that the figure of cyberattacks didn’t considerably increase at the time of the COVID-19 pandemic. Threat actors are only adjusting their infrastructure and changing from their usual campaigns to COVID-19 themed attacks.